fix(users): validate password reset mobile input

2026-05-03 17:10:00 +03:30
parent 0823267544
commit 8ff1e4fa61
2 changed files with 48 additions and 8 deletions
--- a/apps/users/api/serializers.py
+++ b/apps/users/api/serializers.py
@@ -6,6 +6,11 @@ from core.serializers.base import BaseModelSerializer

 User = get_user_model()

+INVALID_MOBILE_FORMAT_MESSAGE = "فرمت شماره موبایل نادرست است."
+INVALID_MOBILE_NUMBER_MESSAGE = "شماره موبایل معتبر نیست."
+PASSWORD_MISMATCH_MESSAGE = "رمز عبور مطابقت ندارد."
+NEW_PASSWORD_MISMATCH_MESSAGE = "رمز عبور جدید و تکرار آن مطابقت ندارند."
+

 class UserProfilePictureSerializer(BaseModelSerializer):
    class Meta:
@@ -39,10 +44,10 @@ class RegisterSerializer(serializers.Serializer):
        re_password = data.get("re_password", "")

        if not (mobile.isdigit() and len(mobile) == 11):
-            raise serializers.ValidationError({"mobile": "ÙØ±Ù…Øª Ø´Ù…Ø§Ø±Ù‡ Ù…ÙˆØ¨Ø§ÛŒÙ„ Ù†Ø§Ø¯Ø±Ø³Øª Ø§Ø³Øª."})
+            raise serializers.ValidationError({"mobile": INVALID_MOBILE_FORMAT_MESSAGE})

        if password != re_password:
-            raise serializers.ValidationError({"password": "Ø±Ù…Ø² Ø¹Ø¨ÙˆØ± Ù…Ø·Ø§Ø¨Ù‚Øª Ù†Ø¯Ø§Ø±Ø¯."})
+            raise serializers.ValidationError({"password": PASSWORD_MISMATCH_MESSAGE})

        return data

@@ -54,7 +59,7 @@ class SendOTPSerializer(serializers.Serializer):

    def validate_mobile(self, value):
        if not value.isdigit() or len(value) != 11 or not value.startswith("09"):
-            raise serializers.ValidationError("Ø´Ù…Ø§Ø±Ù‡ Ù…ÙˆØ¨Ø§ÛŒÙ„ Ù…Ø¹ØªØ¨Ø± Ù†ÛŒØ³Øª.")
+            raise serializers.ValidationError(INVALID_MOBILE_NUMBER_MESSAGE)
        return value


@@ -65,7 +70,7 @@ class LoginOtpSerializer(serializers.Serializer):

    def validate_mobile(self, value):
        if not (value.isdigit() and len(value) == 11):
-            raise serializers.ValidationError("ÙØ±Ù…Øª Ø´Ù…Ø§Ø±Ù‡ Ù…ÙˆØ¨Ø§ÛŒÙ„ Ù†Ø§Ø¯Ø±Ø³Øª Ø§Ø³Øª.")
+            raise serializers.ValidationError(INVALID_MOBILE_FORMAT_MESSAGE)
        return value


@@ -75,7 +80,7 @@ class LoginSerializer(serializers.Serializer):

    def validate_mobile(self, value):
        if not (value.isdigit() and len(value) == 11):
-            raise serializers.ValidationError("ÙØ±Ù…Øª Ø´Ù…Ø§Ø±Ù‡ Ù…ÙˆØ¨Ø§ÛŒÙ„ Ù†Ø§Ø¯Ø±Ø³Øª Ø§Ø³Øª.")
+            raise serializers.ValidationError(INVALID_MOBILE_FORMAT_MESSAGE)
        return value


@@ -90,7 +95,7 @@ class GoogleOAuthCompleteSerializer(serializers.Serializer):
    def validate_mobile(self, value):
        normalized = "".join(ch for ch in value if ch.isdigit())
        if len(normalized) != 11 or not normalized.startswith("09"):
-            raise serializers.ValidationError("ÙØ±Ù…Øª Ø´Ù…Ø§Ø±Ù‡ Ù…ÙˆØ¨Ø§ÛŒÙ„ Ù†Ø§Ø¯Ø±Ø³Øª Ø§Ø³Øª.")
+            raise serializers.ValidationError(INVALID_MOBILE_FORMAT_MESSAGE)
        return normalized


@@ -105,9 +110,14 @@ class ResetPasswordSerializer(serializers.Serializer):
    password = serializers.CharField(write_only=True)
    re_password = serializers.CharField(write_only=True)

+    def validate_mobile(self, value):
+        if not value.isdigit() or len(value) != 11 or not value.startswith("09"):
+            raise serializers.ValidationError(INVALID_MOBILE_NUMBER_MESSAGE)
+        return value
+
    def validate(self, data):
        if data.get("password") != data.get("re_password"):
-            raise serializers.ValidationError({"password": "Ø±Ù…Ø² Ø¹Ø¨ÙˆØ± Ù…Ø·Ø§Ø¨Ù‚Øª Ù†Ø¯Ø§Ø±Ø¯."})
+            raise serializers.ValidationError({"password": PASSWORD_MISMATCH_MESSAGE})
        return data


@@ -118,7 +128,8 @@ class ChangePasswordSerializer(serializers.Serializer):

    def validate(self, data):
        if data.get("new_password") != data.get("re_password"):
-            raise serializers.ValidationError({"new_password": "Ø±Ù…Ø² Ø¹Ø¨ÙˆØ± Ø¬Ø¯ÛŒØ¯ Ùˆ ØªÚ©Ø±Ø§Ø± Ø¢Ù† Ù…Ø·Ø§Ø¨Ù‚Øª Ù†Ø¯Ø§Ø±Ù†Ø¯."})
+            raise serializers.ValidationError({"new_password": NEW_PASSWORD_MISMATCH_MESSAGE})
+
        return data